(Pwn2Own) HP Color LaserJet Pro M479fdw CFF Font Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of HP Color LaserJet Pro M479fdw printers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of CFF fonts. The issue results from the...

Ubuntu Update for openjdk-6 vulnerabilities USN-1079-1

Ubuntu Update for Linux kernel vulnerabilities USN-1079-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN10791.nasl 7964 2017-12-01 07:32:11Z santu $ Ubuntu Update for openjdk-6 vulnerabilities USN-1079-1 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH,...

USN-1079-1: OpenJDK 6 vulnerabilities

It was discovered that untrusted Java applets could create domain name resolution cache entries, allowing an attacker to manipulate name resolution within the JVM. CVE-2010-4448 It was discovered that the Java launcher did not did not properly setup the LDLIBRARYPATH environment variable. A local...

freetype: Input stream position error by processing Compact Font Format (CFF) font files

Integer overflow in base/ftstream.c in libXft aka the X FreeType library in FreeType before 2.4 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted Compact Font Format CFF font file that triggers a heap-based buffer overflow,...

Apple Readies Patch for Jailbreakme.com Vulnerability

USA Today’s Byron Acohido is reporting that Apple plans to rush out a patch for the drive-by download flaw that allows jailbreaking if an iPhone, iPad or iPod Touch device simply surfs to a web site. “The patch is completed, Apple spokeswoman Natalie Kerris said in an interview. But Kerris said o...